package com.example.springsecurity.service;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

import java.util.ArrayList;

/**
 * @program: spring-security
 * @description: 11
 * @author: XianJin.Lu
 * @create: 2021-08-10 16:49
 **/

//用户登录时  这个UserDetailServiceImpl 会被调用  账号密码  的校验逻辑就在 这里
@Service
public class UserDetailServiceImpl  implements UserDetailsService {

    @Autowired
    PasswordEncoder passwordEncoder;


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //实际开发过程中  这里根据username   查询数据库的账号  密码     密码在注册的时候应该加密

        if(!"admin".equals(username)){
            throw new UsernameNotFoundException("用户名不存在");
        }
        String password=passwordEncoder.encode("123");


        //分配的权限
        //这样可以分配多权限    数据库中权限可以用字符串存储 然后查询出来   传递给commaSeparatedStringToAuthorityList
        //注意  ROLE 用来分配juese
        String s="admin,user,ROLE_abc";
        return  new User(username,password, AuthorityUtils.commaSeparatedStringToAuthorityList(s));



    }
}
